From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Fri, 12 Aug 2016 20:03:18 +0000 (-0400)
Subject: livepatch: Bubble up sanity checks on Elf relocs
X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~420
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=aa1ae74cb565840a7994c803b4bd935d64d0dce5;p=xen.git

livepatch: Bubble up sanity checks on Elf relocs

The checks for SHT_REL[,A] ELF sanity checks does not need to
be in the platform specific file and can be bubbled up
in the platform agnostic file.

This makes the ARM 32/64 implementation easier as the
duplicate checks don't have to be in the platform specific files.

Acked-by: Jan Beulich <jbeulich@suse.com> [x86 part]
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
---

diff --git a/xen/arch/x86/livepatch.c b/xen/arch/x86/livepatch.c
index 1023fab8c9..39620f9967 100644
--- a/xen/arch/x86/livepatch.c
+++ b/xen/arch/x86/livepatch.c
@@ -122,18 +122,6 @@ int arch_livepatch_perform_rela(struct livepatch_elf *elf,
     uint64_t val;
     uint8_t *dest;
 
-    /* Nothing to do. */
-    if ( !rela->sec->sh_size )
-        return 0;
-
-    if ( rela->sec->sh_entsize < sizeof(Elf_RelA) ||
-         rela->sec->sh_size % rela->sec->sh_entsize )
-    {
-        dprintk(XENLOG_ERR, LIVEPATCH "%s: Section relative header is corrupted!\n",
-                elf->name);
-        return -EINVAL;
-    }
-
     for ( i = 0; i < (rela->sec->sh_size / rela->sec->sh_entsize); i++ )
     {
         r = rela->data + i * rela->sec->sh_entsize;
diff --git a/xen/common/livepatch_elf.c b/xen/common/livepatch_elf.c
index 789e8fc0af..cda9b2730e 100644
--- a/xen/common/livepatch_elf.c
+++ b/xen/common/livepatch_elf.c
@@ -335,6 +335,7 @@ int livepatch_elf_perform_relocs(struct livepatch_elf *elf)
     struct livepatch_elf_sec *r, *base;
     unsigned int i;
     int rc = 0;
+    size_t sz;
 
     ASSERT(elf->sym);
 
@@ -364,6 +365,22 @@ int livepatch_elf_perform_relocs(struct livepatch_elf *elf)
             break;
         }
 
+        if ( r->sec->sh_type == SHT_RELA )
+            sz = sizeof(Elf_RelA);
+        else
+            sz = sizeof(Elf_Rel);
+
+        if ( !r->sec->sh_size )
+            continue;
+
+        if ( r->sec->sh_entsize < sz || r->sec->sh_size % r->sec->sh_entsize )
+        {
+            dprintk(XENLOG_ERR, LIVEPATCH "%s: Section relative header is corrupted!\n",
+                    elf->name);
+            rc = -EINVAL;
+            break;
+        }
+
         if ( r->sec->sh_type == SHT_RELA )
             rc = arch_livepatch_perform_rela(elf, base, r);
         else /* SHT_REL */